Remediate guava dependency vulnerability and cleanup 'documentdb-bulkexecutor'

Change details

• excluded unused dependency documentdb-bulkexecutor to remove guava:24.1.1-jre version with vulnerabilities
• upgrade io.netty:netty-bom version to 4.1.98.Final

Changes in:

• GCP
• Azure
• AWS
• IBM

changed milestone to %M21 - Release 0.24

assigned to @thulasi_dass

added Azure MRDependencies Upgrade Vulnerability Management labels

added 1 commit

• edec31f5 - Update NOTICE

Compare with previous version

marked this merge request as ready

Hello @Srinivasan_Narayanan - Kindly review and approve the vulnerability remediation MR (Azure only changes).

• Pipeline all jobs are passed
• Verified the remediation by mvn dependency:tree -Dincludes=:guava:::
• Trivy container_scanning job guava dependency is not listed in the vulnerability list

cc: @chad @nursheikh @lucynliu

Thanks.

approved this merge request

Approved. Thanks @thulasi_dass

Hello Team, Merging security vulnerability fixes with passing pipelines as per policy.

Thanks.

mentioned in commit a4fbef12

merged